[Buildroot] [PATCH 1/2] package/hostapd: add upstream 2019-5 security patches
Peter Korsgaard
peter at korsgaard.com
Sat Apr 27 12:22:21 UTC 2019
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security vulnerabilities:
> EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
> peer) was discovered not to validate fragmentation reassembly state
> properly for a case where an unexpected fragment could be received. This
> could result in process termination due to NULL pointer dereference.
> For details, see the advisory:
> https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list